package com.woniuxy.configuration;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.woniuxy.realm.MyRealm;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration  //表示当前类是一个配置类,作用与xml一样的，各种bean
public class ShiroConfiguration {
    //1.realm:域，从数据库中读取账号、角色、权限信息<bean id=''>
    @Bean
     public MyRealm myRealm(){
         return new MyRealm();
     }
    //2.securitymanager 安全管理，shiro核心
    @Bean//类型不匹配，可能是包导错，重新敲一遍
    public SecurityManager securityManager(MyRealm myRealm){
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(myRealm);
        return manager;
    }

    //3.shrio的过滤器:指定哪些操作需要认证、需要指定的权限
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
        //创建过滤器的工厂对象
       ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        factoryBean.setSecurityManager(securityManager);
        //安全配置
        //设置登录界面
        factoryBean.setLoginUrl("/login.html");
        //没有权限时跳入的页面
        factoryBean.setUnauthorizedUrl("/error.html");
        //认证成功之后跳到的页面
        factoryBean.setSuccessUrl("/index.html");

        //过滤器的配置
        Map<String,String> map = new LinkedHashMap<>();//有序的map
        map.put("/index.html","anon");//匿名访问，不需要登录
        map.put("/login.html","anon");
        //放行静态资源
        map.put("/css/**","anon");//   /**表示当前目录及其子目录
        map.put("/js/**","anon");
        map.put("/html/**","anon");
        map.put("/layui/**","anon");
        map.put("/images/**","anon");

        //动态请求放行
        map.put("/phase/**","anon");
        map.put("/user/login","anon");

        //设置访问url的角色
        map.put("/student.html","roles[student]");
        map.put("/teacher.html","roles[teacher]");
        //设置权限 删除学生权限
        map.put("/student/del","perms[student:del]");

        //

        //注销
        map.put("/logout","logout");//logout登出操作，让session过期

        //除开以上情况都需要先认证才能访问
        map.put("/**","authc");//authc认证authentication

        //将map赋值给shrio过滤器
        factoryBean.setFilterChainDefinitionMap(map);

        return factoryBean;
    }

    //配置shrio注解
    //注解
    @Bean
    public AuthorizationAttributeSourceAdvisor
    createAasa(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor aasa
                = new AuthorizationAttributeSourceAdvisor();
        aasa.setSecurityManager(securityManager);
        return aasa;
    }
    //注解aop
    @Bean
    @ConditionalOnMissingBean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAAP = new DefaultAdvisorAutoProxyCreator();
        defaultAAP.setProxyTargetClass(true);
        return defaultAAP;
    }

    @Bean
    public ShiroDialect shiroDialect() {
        return new ShiroDialect();//为了在thymeleaf里使用shiro的标签的bean
    }


}
